Biggest fuel pipeline in US stops working after cyber attack

Colonial Pipeline took its systems offline to contain the threat.
Colonial Pipeline took its systems offline to contain the threat.PHOTO: BLOOMBERG

WASHINGTON - A cyber attack has disrupted the operation of an oil pipeline that transports almost half of the fuel supplies of the United States’ East Coast.

Colonial Pipeline, which supplies petrol, diesel, jet fuel and other refined fuel products from the Gulf of Mexico coast to the eastern and southern US, at 2.5 million barrels a day through 8,850km of pipelines, said it learnt of the attack on Friday and took its systems offline to contain the threat.

The company, whose petrol and diesel pipelines are the largest in the US, halted all operations after detecting the attack. The halt was temporary, it said, with government security agencies notified and a cyber-security firm contracted to investigate.

“We proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations and affected some of our IT operations,” it said.

No details were given on how long the shutdown of the pipeline that carries 45 per cent of East Coast fuel supplies, including to ports and airports in New York, would continue.

The Washington Post cited an unnamed US official as saying it was a ransomware attack, and it was not yet known whether it was carried out by a foreign government or a criminal network.

The impact of the supply disruption was also still unclear, and would depend on how much buffer stock is in storage and how long the shutdown continues, energy experts said.

The bigger issue, though, is the vulnerability of critical infrastructure.

The attack may be a probing action to seek vulnerability, said Dr Paul Sullivan, who lectures on energy and national security at the National Defence University.

“And it is a message to others who might want to do it that it can be done,” he told The Sunday Times. “This should be a four-alarm warning to the industry.”

The cyber attack comes just months after two major attacks on US computer networks – the SolarWinds intrusion attributed to Russian intelligence agencies; and an attack blamed on Chinese hackers, against a Microsoft e-mail service.

President Joe Biden’s administration announced sanctions against Russia last month in retaliation, and government security agencies in a joint advisory warned of networks’ vulnerabilities to Russian intelligence. 

Mr Biden is expected to issue an executive order requiring more security for critical infrastructure, and enhanced security for vendors providing services to the federal government.